"I love Security Intelligence - Cybersecurity Analysis & Insight"

2022-05-05 17:21:56

Security Intelligence News Series Topics Threat Research Podcast News Series Topics Threat Research Podcast {{#articles}} {{title}} {{/articles}} View All News {{#articles}} {{title}} {{/articles}} View All Series Application Security Artificial Intelligence CISO Cloud Security Data Protection Endpoint Fraud Protection Identity & Access Incident Response Mainframe Network Risk Management Intelligence & Analytics Security Services Threat Hunting Zero Trust Infographic: Zero trust policy Timeline: Local Government Cyberattacks Industries Banking & Finance Energy & Utility Government Healthcare Retail View All Topics {{#articles}} {{title}} {{/articles}} View More From X-Force {{#articles}} {{title}} {{/articles}} View All Episodes News Series Topics All Categories Application Security Identity & Access Artificial Intelligence Incident Response CISO Mainframe Cloud Security Mobile Security Data Protection Network Endpoint Risk Management Fraud Protection Threat Hunting Security Services Security Intelligence & Analytics Industries Banking & Finance Energy & Utility Government Healthcare Retail Threat Research Podcast EXCLUSIVE Malware April 26, 2022 Hive0117 Continues Fileless Malware Delivery in Eastern Europe Through continued research into the ongoing cyber activity throughout Eastern Europe, IBM Security X-Force identified a phishing email campaign by Hive0117, likely a financially motivated cybercriminal group, from February 2022, designed to deliver the fileless malware variant dubbed DarkWatchman. The… Read more Latest Articles CISO May 5, 2022 Modern Identity and Access Management Makes a Difference, Especially at a Mega-Scale 2 min read - As businesses embrace more remote users and a hybrid work model, managing user identity and access is more important than ever. Add authentication for millions of third parties and non-employees, and thousands of applications and IoT devices to the mix… Software Vulnerabilities May 5, 2022 X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021 6 min read - From 2020 to 2021, there was a 33% increase in the number of reported incidents caused by vulnerability exploitation, according to the 2022 X-Force Threat Intelligence Index. A large percentage of these exploited vulnerabilities were newly discovered; in fact, four… Software Vulnerabilities May 5, 2022 X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021 6 min read - From 2020 to 2021, there was a 33% increase in the number of reported incidents caused by vulnerability exploitation, according to the 2022 X-Force Threat Intelligence Index. A large percentage of these exploited vulnerabilities were newly discovered; in fact, four… Cloud Security May 4, 2022 One Small Error by DevOps, One Giant Opening for Attackers 4 min read - When you look at breach statistics in today’s cloud-dominated IT world, you can see several examples where a small error made by the DevOps or CloudOps team has led to a tremendous impact on businesses’ reputations or, in some cases,… Banking & Finance May 3, 2022 SEC Proposes New Cybersecurity Rules for Financial Services 4 min read - Proposed new policies from the Securities and Exchange Commission (SEC) could spell changes for how financial services firms handle cybersecurity. On Feb. 9, the SEC voted to propose cybersecurity risk management policies for registered investment advisers, registered investment companies and… More articles TRENDING News May 4, 2022 Arrests Made in Relation to LAPSUS$ Cyber Gang  2 min read - The cyber criminal organization LAPSUS$ has claimed responsibility for a number of high-profile attacks. Did they give away too much in their bragging? It could be since the City of London police say they have arrested seven teenagers in relation… News April 20, 2022 FBI Releases AvosLocker Ransomware Advisory 2 min read - On March 17, the FBI, the U.S. Treasury Financial Crimes Enforcement Network and the Department of the Treasury released a joint cybersecurity advisory about AvosLocker, a ransomware-as-a-service (RaaS) affiliate-based group. According to the advisory, AvosLocker has targeted victims across multiple… News March 30, 2022 US Congress Approves Strengthening American Cybersecurity Act 2 min read - Federal agencies and critical infrastructure owners and operators may need to change how they respond to cyber attacks.The U.S. Congress passed new legislation mandating they report attacks within 72 hours. In addition, it requires them to report ransomware payments within… News February 9, 2022 Attackers Used Malicious Telegram Installer to Distribute Purple Fox Rootkit 2 min read - Threat actors leveraged a malicious Telegram installer to infect users with the Purple Fox rootkit. A Case Study in Evasion With the help of MalwareHunterTeam, Minerva Labs looked into a malicious Telegram installer and found that it was a compiled… More News Timeline State and Local Government Cyberattacks Timeline State and local governments face malicious actors who target personal information and key services, endangering both citizens and critical infrastructure. Explore this timeline for a sense of the evolving landscape, attack patterns and prevention best practices. EXPLORE THE TIMELINE Latest Articles Latest Articles Data Protection May 2, 2022 Technologies Useful In the Pandemic Are Challenging Privacy Now 3 min read - Your company likely made many quick decisions back in March 2020. As an IT leader, you provided the tools employees needed to stay productive while working remotely. It had to happen now or sooner. Your team made it possible for… Data Protection April 28, 2022 What Are the Biggest Phishing Trends Today? 4 min read - According to the 2022 X-Force Threat Intelligence Index, phishing was the most common way that cyber criminals got inside an organization. Typically, they do so to launch a much larger attack such as ransomware. The Index also found that phishing… Application Security April 27, 2022 Electron Application Attacks: No Vulnerability Required 3 min read - While you may have never heard of “Electron applications,” you most likely use them. Electron technology is in many of today’s most popular applications, from streaming music to messaging to video conferencing applications. Under the hood, Electron is essentially a… CISO April 27, 2022 Putting Your SOC in the Hot Seat 4 min read - Today’s Security Operations Centers (SOCs) are being stress-tested as never before. As the heart of any organization’s cybersecurity apparatus, SOCs are the first line of defense, running 24/7 operations to watch for alerts of attacks and appropriately address those alerts… Data Protection April 26, 2022 5 Data Security Challenges and How to Solve Them 3 min read - Nearly two-thirds of the global population will have internet access by next year, according to Cisco’s Annual Internet Report (2018-2023) White Paper. There will be 5.3 billion total internet users (66% of the global population) by 2023, up from… More articles Choose a Category CISO Zero Trust Cloud Security Data Protection Identity & Access Threat Research Choose a Category CISO Zero Trust Cloud Security Data Protection Identity & Access Threat Research Web Stories Cyber threats: What’s new, old and trendingData breach costs hit record highsRansomware: What you don’t knowGetting started with zero trustCybersecurity in the age of COVID Latest Podcast Season 2 |Episode 6 Operational Technology Attacks: The Curse of Cassandra or the Hype of Chicken Little? Season 2 |Episode 5 Now You See Me, Now You Don’t: How Regulating Cryptocurrency Might Make It Easier to Unearth Cybercriminals Season 2 |Episode 4 I’d Like to Buy a Vowel: The Price of Poor Communication During a Data Breach Season 2 |Episode 3 Cybersecurity Superheroes Next Gen: How Higher-Ed Helps Them Find Their Crime-Fighting Niche Season 2 |Episode 2 Lured To The Dark Side: The Criminal Hacker Journey, Pt. 2 Season 2 |Episode 1 Lured To The Dark Side: The Criminal Hacker Journey, Pt. 1 Developing a Cloud Security Strategy Training with Chaos Engineering Time Is (Still) Money and Other Findings from the 2020 Cost of a Data Breach Report Contextualizing Zero Trust previous podcast Play podcast pause podcast Next podcast 34:13 Operational Technology Attacks: The Curse of Cassandra or the Hype of Chicken Little? 34:13 Now You See Me, Now You Don’t: How Regulating Cryptocurrency Might Make It Easier to Unearth Cybercriminals 28:21 I’d Like to Buy a Vowel: The Price of Poor Communication During a Data Breach 29:15 Cybersecurity Superheroes Next Gen: How Higher-Ed Helps Them Find Their Crime-Fighting Niche 27:04 Lured To The Dark Side: The Criminal Hacker Journey, Pt. 2 30:32 Lured To The Dark Side: The Criminal Hacker Journey, Pt. 1 23:48 Developing a Cloud Security Strategy 26:10 Training with Chaos Engineering 32:23 Time Is (Still) Money and Other Findings from the 2020 Cost of a Data Breach Report 24:22 Contextualizing Zero Trust 27:05 ALL Episodes Subscribe SoundCloud Spotify Apple Podcasts Subscribe Soundcloud Spotify .cls-1{fill-rule:evenodd;} Artboard 1 Apple Podcasts More Articles Incident Response April 25, 2022 Solving the Data Problem Within Incident Response 3 min read - One of the underappreciated aspects of incident response (IR) is that it often starts as a data problem. In many cases, IR teams are presented with an effect such as malware or adversary activity and charged with determining the cause… Data Protection April 25, 2022 QR Code Security: How Your Business Can Use Them Responsibly 6 min read - The Coinbase Super Bowl ad sparked several conversations in my family. My son in college used the QR code to sign up to buy cryptocurrency, something he had been interested in for a while. My mother-in-law mistakenly scanned the code… CISO April 22, 2022 Cybersecurity for a More Sustainable Future 3 min read - As we celebrate Earth Day 2022, companies around the world, including IBM, are continuing broad investment in efforts to combat climate change and strive to bring new ideas to the world in support of sustainability and to make the world… Risk Management April 21, 2022 Building the CASE for the Vehicle Security Operations Center 3 min read - This post was written with contributions from IBM Security’s Rob Dyson, Preston Futrell and Brett Drummond. Let’s explore a day in the life of a vehicle security operations center (VSOC). An autonomous vehicle is transporting passengers to their destination. Inside… Zero Trust April 21, 2022 Remote Work Makes it More Important Than Ever to Trust Zero Trust 4 min read - The remote work era makes the zero trust model critical for most businesses. The time has come to use it. But first, let’s understand what it really is and why the hybrid and remote work trend makes it all but… More articles Sponsored Top cyber risks examined in the 2022 Threat Intelligence Index Ransomware was the number one attack type observed in 2021, accounting for 21% of all attacks and hitting the manufacturing industry the hardest. Explore the various old, new and trending threats and how you can protect against them. Download the report Featured by topic Cloud Security January 18, 2022 3 Cloud Security Trends to Watch in 2022 Many organizations have cloud security on their minds going into 2022. In April 2021, for instance,… Zero Trust December 28, 2021 2021 Zero Trust Security Intelligence Roundup A zero trust approach to security has been steadily gaining steam for the last several years.… Data Protection December 6, 2021 Public Wi-Fi Security: Is It Safe to Use for Business? Let’s say you need to send an urgent email to a client while you’re at the… CISO December 21, 2021 Why CISOs Shouldn’t Report to CIOs in the C-Suite Cybersecurity plays a critical role in enterprises today. It has evolved from playing a fringe role… Security Services April 22, 2020 Is a Managed Security Services Provider (MSSP) Right for Your Organization? Leveraging a managed security services provider can help reduce risk and improve incident response. But when… Incident Response November 30, 2021 Understanding the Adversary: How Ransomware Attacks Happen IBM Security X-Force Incident Response (IR) has responded to hundreds of ransomware incidents across every geography… Identity & Access December 2, 2021 Why the Future Needs Passwordless Authentication As of September, Microsoft users no longer have to rely on passwords when logging in to… Endpoint December 12, 2021 How Log4j Vulnerability Could Impact You Get the latest on the vulnerability dubbed "Log4Shell," a remote code execution vulnerability. Threat Intelligence January 26, 2022 Cybersecurity Superheroes Next Gen: How Higher-Ed Helps Them Find Their Crime-Fighting Niche What role do schools, employers and mentors play in shaping the next generation of cybersecurity professionals?… News January 5, 2022 FBI Email Account Abused to Send Out Warnings of Fake Cyberattacks Someone used an FBI email account to send out messages warning recipients of fake cyberattacks that… More topics Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats. Cybersecurity News By Topic By Industry Exclusive Series Threat Research Podcast Events Contact About Us Become a Contributor Follow us on social © 2022 IBM Contact Privacy Terms of use Accessibility Cookie Preferences Sponsored by .cls-1{fill:#fff;}si-icon-eightbarfeature Cyber threats: What’s new, old and trendingData breach costs hit record highsRansomware: What you don’t knowGetting started with zero trustCybersecurity in the age of COVIDCyber threats: What’s new, old and trendingData breach costs hit record highsRansomware: What you don’t knowGetting started with zero trustCybersecurity in the age of COVID